Re: [Server-devel] paraguay XS customizations

[Martin Langhoff]

Hi Daniel,

Interesting notes - some questions...

On Wed, May 20, 2009 at 5:11 PM, Daniel Drake d...@laptop.org wrote:
 1. A script is installed to synchronize activities from the
 mothership, and is executed once per day. After synchronization, it
 runs xs-regenerate-activities. (the activities are currently not
 synced through puppet's file transfer protocol, because it does not
 cope well with large files such as gcompris.xo)

Does puppet hadnle disconnected hosts?

 2. Some user accounts are created for remote maintenance

Do you use SOTP? The pam libs are in place... ;-)

 4. squid http caching is turned on. (it is off by default with XS install)

- Have you changed it to support https? Or does https bypass the cache?
- Have you experimented with polipo?
- What bandwidth do the schools have? How many users?

 5. squidguard is installed and configured, including a modification to
 /etc/squid/squid-xs.conf.in, and the shallalist blacklists are also
 synchronized from the mothership.

You're running it on the XS.

 - What does ps_mem.py say about mem footprint of squid + squidgard
when it's busy?
 - What's the effectiveness of squidgard -- from a users' perspective?
What do they like / dislike in it?
 - What % of your pipe is used by content that squidgard will mark as 'bad'?

 9. a custom network monitoring daemon is installed and enabled, which
 pings all the access points in the school and reports results to the
 paraguayan inventory system every 15 minutes.

Interesting, but I guess harder to generalise...



m
-- 
 martin.langh...@gmail.com
 mar...@laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff  - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel

[Server-devel] paraguay XS customizations

[Daniel Drake]

In case it is of interest to anyone, here is a summary of changes made
to XS-0.5.2 for the paraguayan deployment, in no particular order.

All of these changes are automated and maintained through puppet, with
puppetmaster running on a master server which we call the
mothership. To install an XS, we run the default installer, set the
hostname, configure networking, install puppet, configure puppet, wait
for puppet to complete it's initial synchronization of all of the
below (~10 mins) and then shut down and ship to the school.


1. A script is installed to synchronize activities from the
mothership, and is executed once per day. After synchronization, it
runs xs-regenerate-activities. (the activities are currently not
synced through puppet's file transfer protocol, because it does not
cope well with large files such as gcompris.xo)

2. Some user accounts are created for remote maintenance

3. A script to import leases through xs-activation-import is installed
(a separate script is needed because puppet file sync is incompatible
with the fact that xs-activation-import deletes the input file). Also,
a json lease file is synchronized, and the lease import script is
executed each time a new copy of the file arrives.

4. squid http caching is turned on. (it is off by default with XS install)

5. squidguard is installed and configured, including a modification to
/etc/squid/squid-xs.conf.in, and the shallalist blacklists are also
synchronized from the mothership.

6. a custom website is installed at http://schoolserver/pycontenindo
(we'll use moodle once it is more mature) and an apache config file is
installed to redirect http://schoolserver/ to that address. it also
enables apache listening on http://127.0.0.1 which is needed with
squidguard

7. mysql daemon is installed and configured (required by cacti)

8. cacti is installed and configured, along with snmpd. this is for
monitoring the utilisation and performance of our internet
connections.

9. a custom network monitoring daemon is installed and enabled, which
pings all the access points in the school and reports results to the
paraguayan inventory system every 15 minutes.
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel